<?php require ('setcookie.html'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html lang="de">
<head>
    <title>Lingomoto - Registrierung - Sprachen lernen</title>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta name="description" content="Lingomoto - Registrierung - Sprachen lernen" />
    <meta name="language" content="de" />
    <link href="style.css" type="text/css" rel="stylesheet" />
    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico" />
</head>

<body >

<?php
$_SESSION['logini'] = isset($_SESSION['logini']) ? $_SESSION['logini'] : false;
// read configuration
require ('konfiguration.html');
// read user-data
require ('nutzer.html');
// read header
$link = "registrieren.html";
$langen = 'register.html';
$langes = 'registrarse.html';
$langru = 'register.html';
require ('kopf.html');
// <!-- horizontal column -->
echo '<div>';
require ('horizontal.html');
echo '</div>';
// <!-- Left Column -->
echo '<div id="left_col">';
require ('vertikal.html');
echo '</div>';

// <!-- Content -->
echo '<div id="content">';
echo '<div id="block5">';

// request for login
if ($_SESSION['logini']== false and $error <> '') {
    require_once ('loginformular.html'); 
}
// if new password, request for change of password
elseif ( $newpass == 1 )
{
    $passwo = isset($_REQUEST['passwo']) ? $_REQUEST['passwo'] : '1';
    $passwo1 = isset($_REQUEST['passwo1']) ? $_REQUEST['passwo1'] : '1';
    $passwo2 = isset($_REQUEST['passwo2']) ? $_REQUEST['passwo2'] : '1';
    $ok='';
    require_once ('neues-passwort.html');
}
else
{
// initialize variables
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : "";
$email = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
$username = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
$password1 = isset($_REQUEST['password1']) ? $_REQUEST['password1'] : "";
$password2 = isset($_REQUEST['password2']) ? $_REQUEST['password2'] : "";
$gender   = isset($_REQUEST['gender']) ? $_REQUEST['gender'] : "";
$firstname  = isset($_REQUEST['firstname']) ? $_REQUEST['firstname'] : "";
$lastname   = isset($_REQUEST['lastname']) ? $_REQUEST['lastname'] : "";
$confirmed  = isset($_REQUEST['confirmed']) ? $_REQUEST['confirmed'] : "";
$email = trim($email);
$firstname = trim($firstname);
$lastname = trim($lastname);
$password1 = trim($password1);
$password2 = trim($password2);
$username = trim($username);

// Part 1
if ( $action == 'show_form' )
{
// Part 2: Form-Control
if  ( $email == "" OR
      $confirmed <> "v" OR
      $password1 <> $password2 OR
      $password1 == "" OR
      $username == "" OR
      !eregi("^[a-zA-Z0-9_äöüÄÖÜñÁÓÚáàâéèêíìîóòôúùûабвгдеёжзийклмнопр стуфхцчшщъыьэюяАБВГДЕЁЖЗИ ЙКЛМНОП�*СТУФХЦЧШЩЪЫЬ�*ЮЯ]+$", $password1) OR
	  strlen(utf8_decode($password1)) < 4	  
      )
{
    if ( $email == "" )
    { echo "<div class='message'>Bitte E-Mail angeben!</div>"; }
    if ( $password1 <> $password2 )
    { echo "<div class='message'>Passw&ouml;rter stimmen nicht &uuml;berein!</div>"; }
    elseif ( $password1 == "" )
    { echo "<div class='message'>Bitte Passwort angeben!</div>"; }
    elseif ( !eregi("^[a-zA-Z0-9_äöüÄÖÜñÁÓÚáàâéèêíìîóòôúùûабвгдеёжзийклмнопр стуфхцчшщъыьэюяАБВГДЕЁЖЗИ ЙКЛМНОП�*СТУФХЦЧШЩЪЫЬ�*ЮЯ]+$", $password1) or strlen(utf8_decode($password1)) < 4 )
    { echo "<div class='message'>Format des Passworts nicht korrekt. Bitte Passwort l&auml;nger als 3 Zeichen und ohne Sonderzeichen w&auml;hlen!</div>"; }
    if ( $username == "" )
    { echo "<div class='message'>Bitte Benutzernamen angeben!</div>"; }
    if ( $confirmed <> "v" )
    { echo "<div class='message'>Bitte Einverst&auml;ndniserkl&auml;rung abgeben!</div>"; }

    create_form();
}
else
{
    // Check username, if already exists
	$sql3 = " select username from customerdata where username = '$username' ";
    // DB Query
    $db_sel3 = mysql_query( $sql3 );
    if ( ! $db_sel3 ) { die('Error query: ' . mysql_error()); }
    $num_rows = mysql_num_rows($db_sel3);
    while ($row = mysql_fetch_array( $db_sel3, MYSQL_ASSOC)) {
    $usi = trim($row['username']);
    }
    if ( $num_rows <> 0 and $usi <> '' ) {

        echo "<div class='message'>Benutzername bereits vorhanden. Bitte anderen Namen w&auml;hlen!</div>";

        create_form();
        }
        else
        {


    // 1. email-check
    $test_mail = filter_var($email, FILTER_VALIDATE_EMAIL);
    if ($test_mail == false)
    {
        echo "<div class='message'>Format der E-Mail-Adresse nicht korrekt. Bitte neu eingeben!</div>";

    create_form();
    }
    else
    {
    
    // 2. email-check
    $isValid = true;
    validEmail($email);
    if ( $isValid == false ) 
    {
        echo "<div class='message'>Format der E-Mail-Adresse nicht korrekt. Bitte neu eingeben!</div>";

    create_form();
    }
    else 
    { 
    
    // spam-check
    tuersteher_zum_verstehen( $email );

    // create control-no
    $controlno = date("syHdim");
    $memberdate = date("ymdHis");

    // Part 2.5: Save Data
    save_file();

    if ( $ok == 1 ) 
    {
        // send E-Mail with Function
        mail_for_control();
    } 
    else
    {
        create_form();
    }
    } }
} }
}
else
{
    // Part 1: Show Form
    create_form();
}}

// ----------------------- Functions --------------------------------------------------------------------------------------------

function save_file() {

    global $ok,$num_rows,$email,$username,$password1,$password2,$gender,$firstname,$lastname,$confirmed,$memberdate,$controlno;

    $password5 = md5($password1);
	mysql_query('SET NAMES utf8');
	mysql_query('SET CHARACTER SET utf8');

    $sql  = "insert into customerdata set username = '$username', ";
    $sql .= "gender = '$gender', firstname = '$firstname', lastname = '$lastname', ";
    $sql .= "email = '$email', password = '$password5', ";
    $sql .= "memberdate = '$memberdate', controlno ='". $controlno . "', registered = 2, customerip ='". $_SERVER['REMOTE_ADDR'] . "' ";

    $sql2  = "update customerdata set username = '$username', ";
    $sql2 .= "gender = '$gender', firstname = '$firstname', lastname = '$lastname', ";
    $sql2 .= "password = '$password5', ";
    $sql2 .= "controlno ='". $controlno . "' , registered = 2, customerip ='". $_SERVER['REMOTE_ADDR'] . "' ";
    $sql2 .= "where email = '$email' ";

    $ok = 0;

    // check, if already exists
	$sql1 = " select email, registered from customerdata where email = '$email' ";
    // DB Query
    $db_sel1 = mysql_query( $sql1 );
    if ( ! $db_sel1 ) { die('Error query: ' . mysql_error()); }
    $num_rows = mysql_num_rows($db_sel1);
    if ( $num_rows <> 0 ) {
        while ($row = mysql_fetch_array( $db_sel1, MYSQL_ASSOC)) {
            if ( ! $row['registered'] )
            {
                $db_upd = mysql_query( $sql2 );
                if ( ! $db_upd ) { die('Error query: ' . mysql_error()); }
                echo "<h2>Best&auml;tigungs-Mail versendet</h2>";
                $ok = 1; // alles ok
            }
            else
            {
                echo "<div class='message'>E-Mail ";
                echo $row['email'];
                echo " bereits registriert!</div>";
            }
        }
    }
    // else insert new word
    else
    {
        $db_ins = mysql_query( $sql );
        if ( ! $db_ins ) { die('Error query: ' . mysql_error()); }
        echo "<h2>Best&auml;tigungs-Mail versendet</h2>";
        $ok = 1; // alles ok
    }
}

function mail_for_control() {

    global $email,$username,$password1,$password2,$gender,$firstname,$lastname,$confirmed,$controlno;

    $mailtext  = "Hallo $username,";
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= "danke, dass Du Dich bei Lingomoto angemeldet hast. ";
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= "Dein Passwort ist: ";
    $mailtext .= $password1;
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= "Um sicherzustellen, dass die E-Mail-Adresse ";
    $mailtext .= "funktioniert und Du Dich registrieren ";
    $mailtext .= "möchtest, klick bitte auf folgenden Link:";
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= 'http://'. $_SERVER ['HTTP_HOST']. '/rg-frei.html';
    $mailtext .= '?mail=';
    $mailtext .= $email;
    $mailtext .= '&id=';
    $mailtext .= $controlno;
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= "Aufgepasst: Du kannst Dich erst einloggen, wenn Du Deine E-Mail-Adresse bestätigt hast.";
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";
    $mailtext .= "Dein Lingomoto-Team";
    $mailtext .= "\r\n";
    $mailtext .= "\r\n";

    $receiver = $email;
    $sender   = "info@lingomoto.com";
    $subject  = "Registrierung Lingomoto";
    $replyto  = "info@lingomoto.com";

mail( $receiver,
      $subject,
      $mailtext,
      "From: Lingomoto <". $sender . ">\nReply-To: $replyto",
      "-f $sender");
}

function create_form() {

    global $email,$username,$password1,$password2,$gender,$firstname,$lastname,$controlno,$confirmed;

    echo '<form action="'. $_SERVER['PHP_SELF'] . '" method="get" enctype="text/html">';
    echo '<h2>Registrierung</h2>';
    echo '<div id="block4">';
    echo '<br />';
    echo '<label for="email" class="left">Deine E-Mail</label>';
    echo '<input type="text" class="textfield1" name="email" value="';
    // Content, if form was not completed
    echo $email;
    echo '" onClick=this.value="" >';
    echo '<b><span class="red"> *</span></b><br />';
    echo '<label for="password1" class="left">Passwort</label>';
    echo '<input type="password" class="textfield1" maxlength="40" name="password1" value="" onClick=this.value="" >';
    echo '<b><span class="red"> *</span></b><br />';
    echo '<label for="password2" class="left">Passwort wiederholen</label>';
    echo '<input type="password" class="textfield1" maxlength="40" name="password2" value="">';
    echo '<b><span class="red"> *</span></b><br />';
    echo '<label for="username" class="left">Benutzername</label>';
    echo '<input type="text" class="textfield1" maxlength="50" name="username" value="';
    // Content, if form was not completed
    echo $username;
    echo '"><b><span class="red"> *</span></b><br />';
    echo '<input type="radio" id="radio1" name="gender" value="w" class="right1"';
    // Content, if form was not completed
    if ( $gender == "w")
    { echo 'checked="checked" '; }
    echo '>';
    echo '<label for="radio1">&nbsp;weiblich</label><br />';
    echo '<input type="radio" id="radio2" name="gender" value="m" class="right"';
    // Content, if form was not completed
    if ( $gender == "m")
    { echo 'checked="checked" '; }
    echo '>';
    echo '<label for="radio2">&nbsp;männlich</label><br />';
    echo '<label for="firstname" class="left">Vorname:</label>';
    echo '<input type="text" class="textfield1" maxlength="50" name="firstname" value="';
    // Content, if form was not completed
    echo $firstname;
    echo '">';
    echo '<br />';
    echo '<label for="lastname" class="left">Nachname:</label>';
    echo '<input type="text" class="textfield1" maxlength="50" name="lastname" value="';
    // Content, if form was not completed
    echo $lastname;
    echo '">';
    echo '<br /><br />';
    echo '<div class="right">';
    echo '<span class="red"><b>* </b>Pflichtfeld</span><br />';
    echo '<br />';
    echo '<div class=textsmall>';
    echo '<input type="Checkbox" name="confirmed" value="v" checked> ';
    echo 'Hiermit bin ich einverstanden, dass meine Daten ';
    echo 'elektronisch gespeichert werden. ';
    echo 'Lingomoto versichert, dass die E-Mail-Adresse und andere Angaben nicht an Dritte weitergegeben werden.';
    echo '</div><br />';

    echo '<input type="hidden" name="action" value="show_form" />';

    echo '<input type="image" src="bilder/buttons/speichern.gif" name="submit1" alt="Speichern" title=" Speichern " />';
    echo '</div></div>';
    echo '</form>';

}

function tuersteher_zum_verstehen( $zum_testen )
{
    $uebeltaeter[] = '%0A';
    $uebeltaeter[] = 'to:';
    $uebeltaeter[] = 'cc:';
    $uebeltaeter[] = 'bcc:';
    $uebeltaeter[] = 'from:';
    $uebeltaeter[] = 'subject:';
    $uebeltaeter[] = 'reply-to:';
    $uebeltaeter[] = 'content-type:';
    $uebeltaeter[] = 'mime-version:';
    $uebeltaeter[] = 'multipart/mixed';
    $uebeltaeter[] = 'content-transfer-encoding:';
    foreach ($uebeltaeter AS $einzeltaeter )
    {
        if (eregi ($einzeltaeter, $zum_testen))
        {
            echo "<p>Bitte keine Sonderzeichen eingeben!</p>";
            // es wird also alles abgebrochen, wenn Gefahr in Verzug ist
            exit;
        }
    }
}

function validEmail($email)
{
   global $isValid;

   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
      (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))

      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}


echo '</div>';
echo '</div>';
echo '<div id="adverts">';
echo '<div id="adbox"></div>';
echo '</div>';

require ('fuss.html');
?>

</body>
</html>